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Amendments to the Claims; 

This listing of claims will replace all prior versions, and listings, of claims in the 

application: 
Listing of Claims ; 

1. (Currently Amended) A method for distributing encryption keys in a 
Wireless Local Area Network ( WLAN). said WLAN having an AP and a plurality of mobile hosts 
storing identification information, the mobile hosts communicating with the AP through wireless 
channels, the AP and th e e xt e rnal n e twork conn e cting with th e auth e ntication d e vic e which 
authenticates the mobile hosts, the authentication device storing identification information of all 

(4-) a — mobile — host — sending receiving, by an authentication device, an 

authentication request containing identification information to th e auth e ntication d e vic e for identity 
authenticatio n from a mobile host : 

(3) the authentication device authenticating the -said m obile host according to 

said i dentification information; contained in the authentication request, and 

message comprising ACCESS REJECT information t o fee -said m obile hos t via th e AP , and 

if fee— authentication succeeds, the authentication device sending a key-related 
information Ml to AP and sending a message comprising ACCESS ACCEPT information an 
access point (AP) and a message comprising the ACCESS ACCEPT information t o fee -said m obile 

wherein if containing a^key-related information M2 is comprised in said message 
comprising the ACCESSACCEPT information, said message being — comprising the 
ACCESS ACCEPT information is encrypted: m4 

(3) AP obtaining the key from the said key-related information Ml sent from the 

authentication device, and the mobile host obtaining the key from said is used to obtain a key by 
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said AP. said m essage sent from the — authentication dovioo via the AP comprising the 
ACCESS ACCEPT information is used to obtain the key by the mobile host . 

2. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 1 wherein said key-related information Ml is the corresponding property 
information searched by said authentication device according to the identification information 
contained in the auth e ntication request , the method of said AP obtains obtaining t he key comprises: 

through generating it^eaa -the key according to said property information with a key 
generation algorithm; whereas and the method of said mobile host obtains obtaining t he key through 
comprises: 

generating it from t he key according to p roperty information stored in itself 

the mobile host with the same key generation algorithm after said mobile host receives said message 
comprising the ACCESS ACCEPT information forwarded by AP . 

3. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 1 wherein said key-related information Ml is the corresponding property 
information scarclicd by said authentication device according to the identification information 
contained in the authentication request , 

the method of said AP obtains obtaining t he key through comprises: 

generating it -the key w ith a key generation algorithm; said key-related 
information M2 is the -said k ey generated and encrypted by said A P with said property information 
and then is sent to said mobile host along with said ACCESS ACCEPT message, said mobile host 
obtains obtaining t he key through decrypting information M2 with said property information. 
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4. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 1 wherein said key-related information Ml is the key generated from said property 
information corresponding to the identification information contained in said authentication request 
by said authentication device with a key generation algorithm, the method of said mobile host 
obtains obtaining t he key comprises: 

through generating it fi'om t he key according to said property information stored in 
itselj ^the mobile host with the same key generation algorithm after receiving said 
ACCESS_ACCEPT message. 

5. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 1 wherein said information Ml and M2 are the key generated from said property 
information corresponding to the identification information contained in said authentication request 
by said authentication device with a key generation algorithm, said information M2 is encrypted 
with said property information and then sent to said mobile host along with said 
ACCESS ACCEPT message, the method of said mobile host obtains obtaining t he key comprises: 

through decrypting said information M2 wi#i -according to t he property information 
stored in itsetf -the mobile host after receiving said ACCESS ACCEPT message. 

6. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 1 wherein when receiving data packets encrypted with a key sent from the mobile 
host, said AP updates the key through the following steps of: 

(al) said AP generating a random number and generating a new key from said 
random number with any key generation algorithm; 

(bl) said AP adding said random number to a key update message and then 
sending said message to said mobile host; 

(cl) when receiving said key update message, said mobile host generating a new 
key from said random number contained in said key update message with the same key generation 
algorithm as that in step (al); 
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(dl) said mobile host encrypting the data packets to be sent to the AP with said 
new key and then sending the encrypted data packets to the AP, during the encryption process, said 
mobile host adding an encryption identifier to said data packets and changing the value of said 
encryption identifier to indicate the communication key has been changed; and 

(el) when receiving the data packets from said mobile host, said AP d e t e rmin es 
determining whether to change the key according to value of said encryption identifier. 

7. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 1 wherein in order to achieve encryption communication with the new key, when 
receiving the data packets encrypted with the key sent from said mobile host, said AP updates the 
key periodically or aperiodically through the following steps of: 

(a2) said AP generating a new key in any way and encrypting said new key with 
the present key; 

(b2) said AP adding the encrypted key to the key update message and then 
sending said message to said mobile host; 

(c2) when receiving said key update message, said mobile host decrj^ting the 
new key contained in said key update message with the present key so as to obtain said new key; 

(d2) said mobile host encrypting the data packets to be sent to AP with said new 
key and then sending the encrypted data packets to AP, during the encryption process, said mobile 
host adding an encryption identifier to said data packets and changing the value of said encryption 
identifier to indicate the communication key has been changed; and 

(e2) when receiving the data packets from said mobile host, said AP determines 
whether to change the key according to value of said encryption identifier. 
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8. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 1 wherein when receiving the data packets encrypted with the key sent from said 
mobile host, said AP updates the key periodically or aperiodically through the following steps of: 

(a3) said Authentication device generating a random number which is used to 
generate a new key with the key generation algorithm, and then said authentication device sending 
said new key to AP, and sending said random number to said mobile host via AP; 

(b3) said AP sending said key update message to said mobile host after receiving 

said new key; 

(c3) when receiving said random number from said authentication device and said 
key update message from AP, said mobile host generating a new key from said random number 
with the same key generation algorithm as that in step (a3); 

(d3) said mobile host encrypting the data packets to be sent to AP with said new 
key and then sending the encrypted data packets to AP, during the encryption process, said mobile 
host adding an encryption identifier to said data packets and changing the value of said encryption 
identifier to indicate the communication key has been changed; and 

(e3) when receiving the data packets from said mobile host, said AP determines 
whether to change the key according to value of said encryption identifier. 

9. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 1 wherein in order to achieve encryption communication with the new key, when 
receiving the data packets encr3^ted with the key sent from said mobile host, said AP updates the 
key periodically or aperiodically through the following steps of 

(a4) said AP generating a new key in any way and encrypting said new key with 
the present key, then sending said new key to said AP, whereas sending the encrypted new key to 
said mobile host via said AP; 

(b4) after receiving said new key, said AP sending a key update message to said 

mobile host; 
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(c4) when receiving the encrypted key from said authentication device and said 
key update message from said AP, said mobile host decrypting the encrypted key with the present 
key to obtain a new key; 

(d4) said mobile host encrypting the data packets to be sent to AP with said new 
key and then sending the encrypted data packets to AP, during the encryption process, said mobile 
host adding an encryption identifier to said data packets and changing the value of said encrj^tion 
identifier to indicate the communication key has been changed; and 

(e4) when receiving the data packets from said mobile host, said AP determines 
whether to change the key according to value of said encryption identifier. 

10. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 1 wherein said authentication device is an authentication server installed in said 
external network. 

11. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 6 wherein said authentication device is an authentication server installed in said 
external network. 

12. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 7 wherein said authentication device is an authentication server installed in said 
external network. 

13. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 8 wherein said authentication device is an authentication server installed in said 
external network. 

14. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 9 wherein said authentication device is an authentication server installed in said 
external network. 
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15. (Currently Amended) The method for distributing encryption keys in tiie 
WLAN of claim 1 wherein said authentication device is a wireless gateway that connects said AP 
with said-external network. 

16. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 6 wherein said authentication device is a wireless gateway that connects said AP 
with said-extemal network. 

17. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 7 wherein said authentication device is a wireless gateway that connects said AP 
with said-extemal network. 

18. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 8 wherein said authentication device is a wireless gateway that connects said AP 
with said-extemal network. 

19. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 9 wherein said authentication device is a wireless gateway that connects said AP 
with said-extemal network. 

20. (Currently Amended) The method for distributing encryption keys in tiie 
WLAN of claim 1 wherein said authentication device includes isaid-a^wireless gateway and said 
authentication server installed in external network. 

21. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 6 wherein said authentication device includes isaid-a_wireless gateway and said 
authentication server installed in external network. 
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22. (Currently Amended) The method for distributing encryption keys in tiie 
WLAN of claim 7 wherein said authentication device includes said-a^wireless gateway and said 
authentication server installed in external network. 

23. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 8 wherein said authentication device includes isaid-a^wireless gateway and said 
authentication server installed in external network. 

24. (Currently Amended) The method for distributing encryption keys in the 
WLAN of claim 9 wherein said authentication device includes said-a^wireless gateway and said 
authentication server installed in external network. 

25. (New) An authentication device, comprising: 

a receiving module configured to receive an authentication request from a mobile 
host, said authentication request comprising identification information for identity authentication; 

an authentication module configured to authenticate said mobile host according to 
said identification information; 

a sending module configured to send a message comprising ACCESS REJECT 
information to said mobile host if authentication fails, to send a key-related information Ml to an 
access point (AP) and to send a message comprising the ACCESS ACCEPT information to said 
mobile host if authentication succeeds. 

26. (New) A system, comprising: 

a mobile host, an authentication device, and an access point (AP); 
said authentication device configured to receive an authentication request from said 
mobile host, said authentication request comprising identification information for identity 

authentication, for authenticating said mobile host according to said identification information, for 
sending an ACCEPT REJECT message to said mobile host if authentication fails, for sending key- 
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related information Ml to an access point (AP), and for sending a message comprising 
ACCESS ACCEPT information to said mobile host if authentication succeeds; 

said mobile host configured to send an authentication request containing 
identification information for identity authentication and obtaining a key according to said message 
comprising the ACCESS ACCEPT information; and 

said AP configured to receive said key-related information Ml and obtain key 
according to said key-related information Ml. 
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